Jobs · Information Technology · Utah

Security Engineer

Snap Finance · West Valley City, UT · 1 wk ago
Information TechnologyFull-time

About the role

The Security Engineer will own the day-to-day security of our multi-region AWS environment, including security tooling, incident response, vulnerability management, and automation. They will also support security metrics, compliance, and executive/board reporting.

Responsibilities

  • Secure and Operate the Cloud Environment
  • Operate the full security toolset: CSPM, SIEM, vulnerability management, network security, ZTNA, DLP, EDR, and endpoint management
  • Drive the vulnerability management lifecycle end to end: scan cadence, prioritization, remediation SLAs, and reporting
  • Manage identity and access infrastructure in collaboration with IT, spanning MFA, IAM, IGA, privileged access, and credential management
  • Lead the buildout of a Privileged Access Management (PAM) program
  • Support ongoing cloud migration security workstreams
  • Maintain risk registers and GRC platforms; ensure findings are triaged and resolved within SLA
  • Coordinate audit evidence collection for SOC 2 Type II, PCI DSS 4.0, and CyberEssentials+
  • Contribute to executive and board-level security reporting — translate operational data into clear program narratives
  • Build, Automate, and Elevate the Team
  • Set the coding and AI standard for the InfraSecOps team — write tools, automate workflows, and actively mentor peers in modern security engineering practices
  • Develop API integrations between security tools to eliminate manual handoffs and improve data fidelity
  • Contribute to security-as-code practices: IaC security reviews, CI/CD pipeline hardening, and software supply chain controls
  • Champion AI-native tooling across the team; evaluate and implement AI-assisted detection, threat hunting, and response capabilities
  • Build and contribute to Agentic AI frameworks within the security program
  • Stay current on AI security risks — prompt injection, model abuse, shadow AI — and turn awareness into practical controls
  • Own the Security Program Within Your Domain
  • Maintain the security program roadmap and key results for your domain, including compliance attestation timelines and remediation SLA adherence
  • Track and mature the security tool portfolio: monitor adoption, measure effectiveness, and drive continuous improvement
  • Own the Security Program Within Your Domain
  • Maintain risk registers and GRC platforms; ensure findings are triaged and resolved within SLA
  • Coordinate audit evidence collection for SOC 2 Type II, PCI DSS 4.0, and CyberEssentials+
  • Contribute to executive and board-level security reporting — translate operational data into clear program narratives
  • Build, Automate, and Elevate the Team
  • Set the coding and AI standard for the InfraSecOps team — write tools, automate workflows, and actively mentor peers in modern security engineering practices
  • Develop API integrations between security tools to eliminate manual handoffs and improve data fidelity
  • Contribute to security-as-code practices: IaC security reviews, CI/CD pipeline hardening, and software supply chain controls
  • Champion AI-native tooling across the team; evaluate and implement AI-assisted detection, threat hunting, and response capabilities
  • Build and contribute to Agentic AI frameworks within the security program
  • Stay current on AI security risks — prompt injection, model abuse, shadow AI — and turn awareness into practical controls
  • Own the Security Program Within Your Domain
  • Maintain the security program roadmap and key results for your domain, including compliance attestation timelines and remediation SLA adherence
  • Track and mature the security tool portfolio: monitor adoption, measure effectiveness, and drive continuous improvement
  • Own the Security Program Within Your Domain
  • Maintain risk registers and GRC platforms; ensure findings are triaged and resolved within SLA
  • Coordinate audit evidence collection for SOC 2 Type II, PCI DSS 4.0, and CyberEssentials+
  • Contribute to executive and board-level security reporting — translate operational data into clear program narratives
  • Build, Automate, and Elevate the Team
  • Set the coding and AI standard for the InfraSecOps team — write tools, automate workflows, and actively mentor peers in modern security engineering practices
  • Develop API integrations between security tools to eliminate manual handoffs and improve data fidelity
  • Contribute to security-as-code practices: IaC security reviews, CI/CD pipeline hardening, and software supply chain controls
  • Champion AI-native tooling across the team; evaluate and implement AI-assisted detection, threat hunting, and response capabilities
  • Build and contribute to Agentic AI frameworks within the security program
  • Stay current on AI security risks — prompt injection, model abuse, shadow AI — and turn awareness into practical controls
  • Own the Security Program Within Your Domain
  • Maintain the security program roadmap and key results for your domain, including compliance attestation timelines and remediation SLA adherence
  • Track and mature the security tool portfolio: monitor adoption, measure effectiveness, and drive continuous improvement
  • Own the Security Program Within Your Domain
  • Maintain risk registers and GRC platforms; ensure findings are triaged and resolved within SLA
  • Coordinate audit evidence collection for SOC 2 Type II, PCI DSS 4.0, and CyberEssentials+
  • Contribute to executive and board-level security reporting — translate operational data into clear program narratives
  • Build, Automate, and Elevate the Team
  • Set the coding and AI standard for the InfraSecOps team — write tools, automate workflows, and actively mentor peers in modern security engineering practices
  • Develop API integrations between security tools to eliminate manual handoffs and improve data fidelity
  • Contribute to security-as-code practices: IaC security reviews, CI/CD pipeline hardening, and software supply chain controls
  • Champion AI-native tooling across the team; evaluate and implement AI-assisted detection, threat hunting, and response capabilities
  • Build and contribute to Agentic AI frameworks within the security program
  • Stay current on AI security risks — prompt injection, model abuse, shadow AI — and turn awareness into practical controls
  • Own the Security Program Within Your Domain
  • Maintain the security program roadmap and key results for your domain, including compliance attestation timelines and remediation SLA adherence
  • Track and mature the security tool portfolio: monitor adoption, measure effectiveness, and drive continuous improvement
  • Own the Security Program Within Your Domain
  • Maintain risk registers and GRC platforms; ensure findings are triaged and resolved within SLA
  • Coordinate audit evidence collection for SOC 2 Type II, PCI DSS 4.0, and CyberEssentials+
  • Contribute to executive and board-level security reporting — translate operational data into clear program narratives
  • Build, Automate, and Elevate the Team
  • Set the coding and AI standard for the InfraSecOps team — write tools, automate workflows, and actively mentor peers in modern security engineering practices
  • Develop API integrations between security tools to eliminate manual handoffs and improve data fidelity
  • Contribute to security-as-code practices: IaC security reviews, CI/CD pipeline hardening, and software supply chain controls
  • Champion AI-native tooling across the team; evaluate and implement AI-assisted detection, threat hunting, and response capabilities
  • Build and contribute to Agentic AI frameworks within the security program
  • Stay current on AI security risks — prompt injection, model abuse, shadow AI — and turn awareness into practical controls
  • Own the Security Program Within Your Domain
  • Maintain the security program roadmap and key results for your domain, including compliance attestation timelines and remediation SLA adherence
  • Track and mature the security tool portfolio: monitor adoption, measure effectiveness, and drive continuous improvement
  • Own the Security Program Within Your Domain
  • Maintain risk registers and GRC platforms; ensure findings are triaged and resolved within SLA
  • Coordinate audit evidence collection for SOC 2 Type II, PCI DSS 4.0, and CyberEssentials+
  • Contribute to executive and board-level security reporting — translate operational data into clear program narratives
  • Build, Automate, and Elevate the Team
  • Set the coding and AI standard for the InfraSecOps team — write tools, automate workflows, and actively mentor peers in modern security engineering practices
  • Develop API integrations between security tools to eliminate manual handoffs and improve data fidelity
  • Contribute to security-as-code practices: IaC security reviews, CI/CD pipeline hardening, and software supply chain controls
  • Champion AI-native tooling across the team; evaluate and implement AI-assisted detection, threat hunting, and response capabilities
  • Build and contribute to Agentic AI frameworks within the security program
  • Stay current on AI security risks — prompt injection, model abuse, shadow AI — and turn awareness into practical controls
  • Own the Security Program Within Your Domain
  • Maintain the security program roadmap and key results for your domain, including compliance attestation timelines and remediation SLA adherence
  • Track and mature the security tool portfolio: monitor adoption, measure effectiveness, and drive continuous improvement
  • Own the Security Program Within Your Domain
  • Maintain risk registers and GRC platforms; ensure findings are triaged and resolved within SLA
  • Coordinate audit evidence collection for SOC 2 Type II, PCI DSS 4.0, and CyberEssentials+
  • Contribute to executive and board-level security reporting — translate operational data into clear program narratives
  • Build, Automate, and Elevate the Team
  • Set the coding and AI standard for the InfraSecOps team — write tools, automate workflows, and actively mentor peers in modern security engineering practices
  • Develop API integrations between security tools to eliminate manual handoffs and improve data fidelity
  • Contribute to security-as-code practices: IaC security reviews, CI/CD pipeline hardening, and software supply chain controls
  • Champion AI-native tooling across the team; evaluate and implement AI-assisted detection, threat hunting, and response capabilities
  • Build and contribute to Agentic AI frameworks within the security program
  • Stay current on AI security risks — prompt injection, model abuse, shadow AI — and turn awareness into practical controls
  • Own the Security Program Within Your Domain
  • Maintain the security program roadmap and key results for your domain, including compliance attestation timelines and remediation SLA adherence
  • Track and mature the security tool portfolio: monitor adoption, measure effectiveness, and drive continuous improvement
  • Own the Security Program Within Your Domain
  • Maintain risk registers and GRC platforms; ensure findings are triaged and resolved within SLA
  • Coordinate audit evidence collection for SOC 2 Type II, PCI DSS 4.0, and CyberEssentials+
  • Contribute to executive and board-level security reporting — translate operational data into clear program narratives
  • Build, Automate, and Elevate the Team
  • Set the coding and AI standard for the InfraSecOps team — write tools, automate workflows, and actively mentor peers in modern security engineering practices

Similar jobs

Security Engineer

Great Value HiringUnited States· 5 days ago
RemoteInformation Technology$85/hrapply on candidateportalnew.ceipal.com

Security Engineer

Cogent PeopleColumbia, MD· 1 mo ago
Information Technologyapply on recruiting.paylocity.com

Security Engineer

EABRichmond, VA· 3 wk ago
Engineering$74k–$93k/yrapply on recruit.hirebridge.com

Security Engineer

AnaVation LLCWashington, United States· 5 days ago
Information Technologyapply on ajax.googleapis.com

Security Engineer

Cartamundi North AmericaDallas, TX· 3 wk ago
Manufacturingapply on workforcenow.adp.com